- From: Boris Zbarsky <bzbarsky@MIT.EDU>
- Date: Wed, 07 May 2014 11:12:25 -0400
- To: Arvind Jain <arvind@google.com>
- CC: public-web-perf <public-web-perf@w3.org>
On 5/7/14, 10:13 AM, Arvind Jain wrote: > As listed in step 8 of the processing model, the timing_allow_check is > not performed for same origin fetches. That's fine. > The check is only performed for > CORS fetches where the Origin header is present. Not all cross-origin fetches are CORS fetches, and therefore not all of them have an Origin header. > Please let me know if I missed your point. I think you did. -Boris
Received on Wednesday, 7 May 2014 15:12:55 UTC